116 matches found
CVE-2004-0267
The 1 inoregupdate, 2 uniftest, or 3 unimove scripts in eTrust InoculateIT for Linux 6.0 allow local users to overwrite arbitrary files via a symlink attack on files in /tmp...
CVE-2002-1516
rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack...
CVE-2003-0950
PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random system time name of the directory used to store the file, and directly requesting that file...
CVE-2003-0136
psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file...
CVE-2003-0120
adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name...
CVE-2002-2267
bogopass in bogofilter 0.9.0.4 allows local users to overwrite arbitrary files via a symlink attack on the bogopass temporary file...
CVE-2002-0141
Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of other Maelstrom users via a symlink attack on the /tmp/f file...
CVE-2002-0137
CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file...
CVE-2001-0832
Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in 1 the ORACLEHOME/rdbms/log directory or 2 an alternate directory as specified in the ORACLEHOME environmental variable, aka the "Orac...
Netscape vulnerable to arbitrary file overwriting via symlink redirection of temporary file
Overview During installation, Netscape 6.0.1 creates a temporary file with insecure options and a predictable name in a world-writable location. By using a symbolic link attack, an attacker could cause overwrite of arbitrary files. Description The installation script for Netscape 6.0.1 creates a...
CVE-1999-1378
dbmlparser.exe CGI guestbook program does not perform a chroot operation properly, which allows remote attackers to read arbitrary files...
CVE-2001-0582
Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacker to access arbitrary files via a '..' dot dot attack, or variations, in 1 GET, 2 CD, 3 NLST, 4 SIZE, 5 RETR...
CVE-2000-0080
AIX techlibss allows local users to overwrite files via a symlink attack...
CVE-2000-0702
The net.init rc script in HP-UX 11.00 S008net.init allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file...
CVE-2000-0646
WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS STAT command while the file is being transferred...
CVE-1999-1269
Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file...